Clorox Takes Down Some IT Systems After ‘Unauthorized Activity’

August 15, 2023 by

Clorox Co. has taken some of its information technology systems offline after identifying “unauthorized activity” in its computer networks that has disrupted some business operations.

The incident is expected to continue to affect some parts of the business operations, the Oakland, California-based consumer products company said Aug. 14 in a regulatory filing.

“While we are working diligently to respond to and address this issue, these systems will remain offline out of an abundance of caution, as we work to add additional protections and hardening measures to further secure them,” a Clorox spokesperson said in an email.

“As a result, some operations are temporarily impaired,” the spokesperson said. “We are following our business continuity plans and implementing workarounds where possible.”

Clorox didn’t provide further details on the type of cyberattack or the specific business operations affected by the incident. Law enforcement is investigating and cybersecurity breach experts have been called in to help track what has happened and recover data, the company said in the filing.

While Clorox hasn’t specified how the intruders were able to get into its systems, a number of large companies have found themselves targets in ransomware attacks, in which criminals request money in return for stolen data and, on some occasions, their silence. IAG SA’s British Airways, PricewaterhouseCoopers LLP, Ernst & Young and numerous government departments were targeted with ransomware by the criminal gang Clop in recent months.

The US Securities and Exchange Commission last month approved new rules that beginning in September will require companies to disclose most cyberattacks within four days of an incident.

Photograph: A computer mouse; photo credit: Andrey Rudakov/Bloomberg